Faculty Profiles - WU Daoyuan | The Hong Kong University of Science and Technology

Daoyuan WU
吳道遠

PhD in Information Systems
Singapore Management University, 2019

Research Assistant Professor
Department of Computer Science and Engineering

(852) 2358 8331
daoyuan@ust.hk
Room 2542
Personal Web

Google Scholar

WtO-bN8AAAAJ

Scopus ID

56493614100

Research Interest Publications Teaching Assignment

Research Interest

Cybersecurity

Publications

All Years 26 2025 0 2024 3 2023 2 2022 3 2021 4 2020 1 2019 13

2024 3

GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis

ICSE '24: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering / Association for Computing Machinery. New York, NY : Association for Computing Machinery, 2024, p. 1-13, article number 166
Sun, Yuqiang; Wu, Daoyuan; Xue, Yue; Liu, Han; Wang, Haijun; Xu, Zhengzi; Xie, Xiaofei; Liu, Yang
Conference paper

MtdScout: Complementing the Identification of Insecure Methods in Android Apps via Source-to-Bytecode Signature Generation and Tree-based Layered Search

Zhang, Zicheng; Ma, Haoyu; Wu, Daoyuan; Gao, Debin; Yi, Xiao; Chen, Yufan; Wu, Yan; Jiang, Lingxiao
Conference paper

On Extracting Specialized Code Abilities from Large Language Models: A Feasibility Study

Proceedings - International Conference on Software Engineering / IEEE Computer Society. Piscataway, NJ : IEEE Computer Society, 2024, p. 893-905
Li, Zongjie; Wang, Chaozheng; Ma, Pingchuan; Liu, Chaowei; Wang, Shuai; Wu, Daoyuan; Gao, Cuiyun; Liu, Yang
Conference paper

2023 2

Beyond "Protected" and "Private": An Empirical Security Analysis of Custom Function Modifiers in Smart Contracts

ISSTA 2023 - Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, July 2023, p. 1157-1168
Fang, Yuzhou; Wu, Daoyuan; Yi, Xiao; Wang, Shuai; Chen, Yufan; Chen, Mengjie; Liu, Yang; Jiang, Lingxiao
Conference paper

BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects

Yi, Xiao; Fang, Yuzhou; Wu, Daoyuan; Jiang, Lingxiao
Conference paper

2022 3

Active Warden Attack: On the (In)Effectiveness of Android App Repackage-Proofing

IEEE Transactions on Dependable and Secure Computing, v. 19, (5), September 2022, p. 3508-3520
Ma, Haoyu; Li, Shijia; Gao, Debin; Wu, Daoyuan; Jia, Qiaowen; Jia, Chunfu
Article

An empirical study of blockchain system vulnerabilities: modules, types, and patterns

ESEC/FSE 2022: Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering / Association for Computing Machinery. New York, NY : Association for Computing Machinery, 2022, p. 709-721
Yi, Xiao; Wu, Daoyuan; Jiang, Lingxiao; Fang, Yuzhou; Zhang, Kehuan; Zhang, Wei
Conference paper

LiCA: A Fine-grained and Path-sensitive Linux Capability Analysis Framework

Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses, October 2022, p. 364-379
Sun, Menghan; Song, Zirui; Ren, Xiaoxi; Wu, Daoyuan; Zhang, Kehuan
Conference paper

2021 4

Deep-Learning-Based App Sensitive Behavior Surveillance for Android Powered Cyber-Physical Systems

IEEE Transactions on Industrial Informatics, v. 17, (8), August 2021, p. 5840-5850
Ma, Haoyu; Tian, Jianwen; Qiu, Kefan; Lo, David; Gao, Debin; Wu, Daoyuan; Jia, Chunfu; Baker, Thar
Article

Scalable online vetting of Android apps for measuring declared SDK versions and their consistency with API calls

Empirical Software Engineering, v. 26, (1), January 2021, article number 7
Wu, Daoyuan; Gao, Debin; Lo, David
Article

On the usability (in)security of in-app browsing interfaces in mobile apps

RAID '21: Proceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses, October 2021, p. 386-398
Zhang, Zicheng; Wu, Daoyuan; Li, Lixiang; Gao, Debin
Conference paper

When Program Analysis Meets Bytecode Search: Targeted and Efficient Inter-procedural Analysis of Modern Android Apps in BackDroid

Proceedings of the 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021, June 2021, p. 543-554
Wu, Daoyuan; Gao, Debin; Deng, Robert H.; Chang, Rocky K. C.
Conference paper

2020 1

Understanding Android VoIP Security: A System-Level Vulnerability Assessment

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 12223, June 2020, p. 110-131
He, En; Wu, Daoyuan; Deng, Robert H.
Conference paper

2019 3

An empirical study of mobile network behavior and application performance in the wild

Proceedings of the International Symposium on Quality of Service, IWQoS 2019, June 2019, article number 4
Zhang, Shiwei; Li, Weichao; Wu, Daoyuan; Jin, Bo; Gao, Debin; Wang, Yi; Chang, Rocky K. C.; Mok, Ricky K. P.
Conference paper

Towards understanding android system vulnerabilities: Techniques and insights

Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, July 2019, p. 295-306
Wu, Daoyuan; Gao, Debin; Cheng, Eric K. T.; Cao, Yichen; Jiang, Jintao; Deng, Robert H.
Conference paper

Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment

Wu, Daoyuan; Gao, Debin; Chang, Rocky K.C.; He, En; Cheng, Eric K.T.; Deng, Robert H.
Conference paper

2018 3

Toward Accurate Network Delay Measurement on Android Phones

IEEE Transactions on Mobile Computing, v. 17, (3), March 2018, p. 717-732
Li, Weichao; Wu, Daoyuan; Chang, Rocky K. C.; Mok, Ricky K. P.
Article

SCLib: A practical and lightweight defense against component hijacking in android applications

CODASPY '18: Proceedings of the 8th ACM Conference on Data and Application Security and Privacy, v. 2018, March 2018, p. 299-306
Wu, Daoyuan; Cheng, Yao; Gao, Debin; Li, Yingjiu; Deng, Robert H.
Conference paper

Towards dynamically monitoring android applications on non-rooted devices in the wild

WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, June 2018, p. 212-223
Tang, Xiaoxiao; Wu, Daoyuan; Lin, Yan; Gao, Debin
Conference paper

2017 2

Measuring the declared SDK versions and their consistency with API calls in android apps

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 10251, June 2017, p. 678-690
Wu, Daoyuan; Liu, Ximing; Xu, Jiayun; Lo, David; Gao, Debin
Conference paper

MopEye: Opportunistic monitoring of per-app mobile network performance

Proceedings of the 2017 USENIX Annual Technical Conference, USENIX ATC 2017, 2017, p. 445-457
Wu, Daoyuan; Chang, Rocky K.C.; Li, Weichao; Cheng, Eric K.T.; Gao, Debin
Conference paper

2016 2

Demystifying and puncturing the inflated delay in smartphone-based WiFi network measurement

Proceedings of the 12th International Conference on Emerging Networking Experiments and Technologies, December 2016, p. 497-504
Li, Weichao; Wu, Daoyuan; Chang, Rocky K.C.; Mok, Ricky K.P.
Conference paper

Stack layout randomization with minimal rewriting of android binaries

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 9558, 2016, p. 229-245
Liang, Yu; Ma, Xinjie; Wu, Daoyuan; Tang, Xiaoxiao; Gao, Debin; Peng, Guojun; Jia, Chunfu; Zhang, Huanguo
Conference paper

2015 2

Indirect File Leaks in Mobile Applications

Wu, Daoyuan; Chang, Rocky K.C.
Conference paper

On the accuracy of smartphone-based mobile network measurement

IEEE INFOCOM 2015 - Conference on Computer Communications and Networks, v. 26, August 2015, p. 370-378
Li, Weichao; Mok, Ricky K. P.; Wu, Daoyuan; Chang, Rocky K. C.
Conference paper

2014 1

Analyzing Android browser apps for file:// vulnerabilities

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 8783, 2014, p. 345-363
Wu, Daoyuan; Chang, Rocky K.C.
Conference paper

Conference paper 3

GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis

ICSE '24: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering / Association for Computing Machinery. New York, NY : Association for Computing Machinery, 2024, p. 1-13, article number 166
Sun, Yuqiang; Wu, Daoyuan; Xue, Yue; Liu, Han; Wang, Haijun; Xu, Zhengzi; Xie, Xiaofei; Liu, Yang

MtdScout: Complementing the Identification of Insecure Methods in Android Apps via Source-to-Bytecode Signature Generation and Tree-based Layered Search

Zhang, Zicheng; Ma, Haoyu; Wu, Daoyuan; Gao, Debin; Yi, Xiao; Chen, Yufan; Wu, Yan; Jiang, Lingxiao

On Extracting Specialized Code Abilities from Large Language Models: A Feasibility Study

Proceedings - International Conference on Software Engineering / IEEE Computer Society. Piscataway, NJ : IEEE Computer Society, 2024, p. 893-905
Li, Zongjie; Wang, Chaozheng; Ma, Pingchuan; Liu, Chaowei; Wang, Shuai; Wu, Daoyuan; Gao, Cuiyun; Liu, Yang

Conference paper 2

Beyond "Protected" and "Private": An Empirical Security Analysis of Custom Function Modifiers in Smart Contracts

ISSTA 2023 - Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, July 2023, p. 1157-1168
Fang, Yuzhou; Wu, Daoyuan; Yi, Xiao; Wang, Shuai; Chen, Yufan; Chen, Mengjie; Liu, Yang; Jiang, Lingxiao

BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects

Yi, Xiao; Fang, Yuzhou; Wu, Daoyuan; Jiang, Lingxiao

Article 1

Active Warden Attack: On the (In)Effectiveness of Android App Repackage-Proofing

IEEE Transactions on Dependable and Secure Computing, v. 19, (5), September 2022, p. 3508-3520
Ma, Haoyu; Li, Shijia; Gao, Debin; Wu, Daoyuan; Jia, Qiaowen; Jia, Chunfu

Conference paper 2

An empirical study of blockchain system vulnerabilities: modules, types, and patterns

ESEC/FSE 2022: Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering / Association for Computing Machinery. New York, NY : Association for Computing Machinery, 2022, p. 709-721
Yi, Xiao; Wu, Daoyuan; Jiang, Lingxiao; Fang, Yuzhou; Zhang, Kehuan; Zhang, Wei

LiCA: A Fine-grained and Path-sensitive Linux Capability Analysis Framework

Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses, October 2022, p. 364-379
Sun, Menghan; Song, Zirui; Ren, Xiaoxi; Wu, Daoyuan; Zhang, Kehuan

Article 2

Deep-Learning-Based App Sensitive Behavior Surveillance for Android Powered Cyber-Physical Systems

IEEE Transactions on Industrial Informatics, v. 17, (8), August 2021, p. 5840-5850
Ma, Haoyu; Tian, Jianwen; Qiu, Kefan; Lo, David; Gao, Debin; Wu, Daoyuan; Jia, Chunfu; Baker, Thar

Scalable online vetting of Android apps for measuring declared SDK versions and their consistency with API calls

Empirical Software Engineering, v. 26, (1), January 2021, article number 7
Wu, Daoyuan; Gao, Debin; Lo, David

Conference paper 2

On the usability (in)security of in-app browsing interfaces in mobile apps

RAID '21: Proceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses, October 2021, p. 386-398
Zhang, Zicheng; Wu, Daoyuan; Li, Lixiang; Gao, Debin

When Program Analysis Meets Bytecode Search: Targeted and Efficient Inter-procedural Analysis of Modern Android Apps in BackDroid

Proceedings of the 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021, June 2021, p. 543-554
Wu, Daoyuan; Gao, Debin; Deng, Robert H.; Chang, Rocky K. C.

Conference paper 1

Understanding Android VoIP Security: A System-Level Vulnerability Assessment

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 12223, June 2020, p. 110-131
He, En; Wu, Daoyuan; Deng, Robert H.

Conference paper 3

An empirical study of mobile network behavior and application performance in the wild

Proceedings of the International Symposium on Quality of Service, IWQoS 2019, June 2019, article number 4
Zhang, Shiwei; Li, Weichao; Wu, Daoyuan; Jin, Bo; Gao, Debin; Wang, Yi; Chang, Rocky K. C.; Mok, Ricky K. P.

Towards understanding android system vulnerabilities: Techniques and insights

Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, July 2019, p. 295-306
Wu, Daoyuan; Gao, Debin; Cheng, Eric K. T.; Cao, Yichen; Jiang, Jintao; Deng, Robert H.

Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment

Wu, Daoyuan; Gao, Debin; Chang, Rocky K.C.; He, En; Cheng, Eric K.T.; Deng, Robert H.

Article 1

Toward Accurate Network Delay Measurement on Android Phones

IEEE Transactions on Mobile Computing, v. 17, (3), March 2018, p. 717-732
Li, Weichao; Wu, Daoyuan; Chang, Rocky K. C.; Mok, Ricky K. P.

Conference paper 2

SCLib: A practical and lightweight defense against component hijacking in android applications

CODASPY '18: Proceedings of the 8th ACM Conference on Data and Application Security and Privacy, v. 2018, March 2018, p. 299-306
Wu, Daoyuan; Cheng, Yao; Gao, Debin; Li, Yingjiu; Deng, Robert H.

Towards dynamically monitoring android applications on non-rooted devices in the wild

WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, June 2018, p. 212-223
Tang, Xiaoxiao; Wu, Daoyuan; Lin, Yan; Gao, Debin

Conference paper 2

Measuring the declared SDK versions and their consistency with API calls in android apps

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 10251, June 2017, p. 678-690
Wu, Daoyuan; Liu, Ximing; Xu, Jiayun; Lo, David; Gao, Debin

MopEye: Opportunistic monitoring of per-app mobile network performance

Proceedings of the 2017 USENIX Annual Technical Conference, USENIX ATC 2017, 2017, p. 445-457
Wu, Daoyuan; Chang, Rocky K.C.; Li, Weichao; Cheng, Eric K.T.; Gao, Debin

Conference paper 2

Demystifying and puncturing the inflated delay in smartphone-based WiFi network measurement

Proceedings of the 12th International Conference on Emerging Networking Experiments and Technologies, December 2016, p. 497-504
Li, Weichao; Wu, Daoyuan; Chang, Rocky K.C.; Mok, Ricky K.P.

Stack layout randomization with minimal rewriting of android binaries

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 9558, 2016, p. 229-245
Liang, Yu; Ma, Xinjie; Wu, Daoyuan; Tang, Xiaoxiao; Gao, Debin; Peng, Guojun; Jia, Chunfu; Zhang, Huanguo

Conference paper 2

Indirect File Leaks in Mobile Applications

Wu, Daoyuan; Chang, Rocky K.C.

On the accuracy of smartphone-based mobile network measurement

IEEE INFOCOM 2015 - Conference on Computer Communications and Networks, v. 26, August 2015, p. 370-378
Li, Weichao; Mok, Ricky K. P.; Wu, Daoyuan; Chang, Rocky K. C.

Conference paper 1

Analyzing Android browser apps for file:// vulnerabilities

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 8783, 2014, p. 345-363
Wu, Daoyuan; Chang, Rocky K.C.

2019 3

An empirical study of mobile network behavior and application performance in the wild

Proceedings of the International Symposium on Quality of Service, IWQoS 2019, June 2019, article number 4
Zhang, Shiwei; Li, Weichao; Wu, Daoyuan; Jin, Bo; Gao, Debin; Wang, Yi; Chang, Rocky K. C.; Mok, Ricky K. P.
Conference paper

Towards understanding android system vulnerabilities: Techniques and insights

Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, July 2019, p. 295-306
Wu, Daoyuan; Gao, Debin; Cheng, Eric K. T.; Cao, Yichen; Jiang, Jintao; Deng, Robert H.
Conference paper

Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment

Wu, Daoyuan; Gao, Debin; Chang, Rocky K.C.; He, En; Cheng, Eric K.T.; Deng, Robert H.
Conference paper

2018 3

Toward Accurate Network Delay Measurement on Android Phones

IEEE Transactions on Mobile Computing, v. 17, (3), March 2018, p. 717-732
Li, Weichao; Wu, Daoyuan; Chang, Rocky K. C.; Mok, Ricky K. P.
Article

SCLib: A practical and lightweight defense against component hijacking in android applications

CODASPY '18: Proceedings of the 8th ACM Conference on Data and Application Security and Privacy, v. 2018, March 2018, p. 299-306
Wu, Daoyuan; Cheng, Yao; Gao, Debin; Li, Yingjiu; Deng, Robert H.
Conference paper

Towards dynamically monitoring android applications on non-rooted devices in the wild

WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, June 2018, p. 212-223
Tang, Xiaoxiao; Wu, Daoyuan; Lin, Yan; Gao, Debin
Conference paper

2017 2

Measuring the declared SDK versions and their consistency with API calls in android apps

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 10251, June 2017, p. 678-690
Wu, Daoyuan; Liu, Ximing; Xu, Jiayun; Lo, David; Gao, Debin
Conference paper

MopEye: Opportunistic monitoring of per-app mobile network performance

Proceedings of the 2017 USENIX Annual Technical Conference, USENIX ATC 2017, 2017, p. 445-457
Wu, Daoyuan; Chang, Rocky K.C.; Li, Weichao; Cheng, Eric K.T.; Gao, Debin
Conference paper

2016 2

Demystifying and puncturing the inflated delay in smartphone-based WiFi network measurement

Proceedings of the 12th International Conference on Emerging Networking Experiments and Technologies, December 2016, p. 497-504
Li, Weichao; Wu, Daoyuan; Chang, Rocky K.C.; Mok, Ricky K.P.
Conference paper

Stack layout randomization with minimal rewriting of android binaries

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 9558, 2016, p. 229-245
Liang, Yu; Ma, Xinjie; Wu, Daoyuan; Tang, Xiaoxiao; Gao, Debin; Peng, Guojun; Jia, Chunfu; Zhang, Huanguo
Conference paper

2015 2

Indirect File Leaks in Mobile Applications

Wu, Daoyuan; Chang, Rocky K.C.
Conference paper

On the accuracy of smartphone-based mobile network measurement

IEEE INFOCOM 2015 - Conference on Computer Communications and Networks, v. 26, August 2015, p. 370-378
Li, Weichao; Mok, Ricky K. P.; Wu, Daoyuan; Chang, Rocky K. C.
Conference paper

2014 1

Analyzing Android browser apps for file:// vulnerabilities

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), v. 8783, 2014, p. 345-363
Wu, Daoyuan; Chang, Rocky K.C.
Conference paper

No Publications

Teaching Assignment

2024-25 Spring 1 2024-25 Winter 0 2024-25 Fall 0 2023-24 Summer 0 2023-24 Spring 0 2023-24 Winter 0

COMP4541

Blockchain, Cryptocurrencies and Smart Contracts

No Teaching Assignments

Research Interest

Publications

2024 3

2023 2

2022 3

2021 4

2020 1

2019 3

2018 3

2017 2

2016 2

2015 2

2014 1

Conference paper 3

Conference paper 2

Article 1

Conference paper 2

Article 2

Conference paper 2

Conference paper 1

Conference paper 3

Article 1

Conference paper 2

Conference paper 2

Conference paper 2

Conference paper 2

Conference paper 1

2019 3

2018 3

2017 2

2016 2

2015 2

2014 1

Teaching Assignment

Projects

From January 2023 to December 2025

Your browser is out of date!